[UPDATE] devel/jdk - fork safety mostly

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[UPDATE] devel/jdk - fork safety mostly

Kurt Miller-3
jdk/1.8 & jdk/11:
Use closefrom(2) after fork/vfork and before exec instead of
opendir/readdir on /dev/fd. opendir/readdir are not async-signal-
safe and may not be safely called after forking in a multithreaded
program. Issue raised to my attention by deraadt@.

jdk/11:
Update to bsd release 2 of 11.0.3-7 which contains BsdSocketOptions
fix and other corrections that can be viewed here:

https://github.com/battleblow/openjdk-jdk11u/releases

Index: 1.8/Makefile
===================================================================
RCS file: /cvs/ports/devel/jdk/1.8/Makefile,v
retrieving revision 1.41
diff -u -p -u -r1.41 Makefile
--- 1.8/Makefile 11 Mar 2019 19:51:35 -0000 1.41
+++ 1.8/Makefile 22 May 2019 19:56:07 -0000
@@ -13,6 +13,7 @@ PKGNAME= jdk-${V}
 PKGNAME-main= jdk-${V}
 PKGNAME-jre= jre-${V}
 EPOCH= 0
+REVISION= 0
 
 DIST_SUBDIR= jdk
 DISTNAME= openjdk-8u202b08-bsd-port-20190310
Index: 1.8/patches/patch-jdk_src_solaris_native_java_lang_childproc_c
===================================================================
RCS file: 1.8/patches/patch-jdk_src_solaris_native_java_lang_childproc_c
diff -N 1.8/patches/patch-jdk_src_solaris_native_java_lang_childproc_c
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ 1.8/patches/patch-jdk_src_solaris_native_java_lang_childproc_c 22 May 2019 19:56:07 -0000
@@ -0,0 +1,42 @@
+$OpenBSD$
+
+Index: jdk/src/solaris/native/java/lang/childproc.c
+--- jdk/src/solaris/native/java/lang/childproc.c.orig
++++ jdk/src/solaris/native/java/lang/childproc.c
+@@ -62,6 +62,28 @@ isAsciiDigit(char c)
+   return c >= '0' && c <= '9';
+ }
+
++#if defined(__OpenBSD__)
++/*
++ * Quoting POSIX: "If a multi-threaded process calls fork(), the new
++ * process shall contain a replica of the calling thread and its entire
++ * address space, possibly including the states of mutexes and other
++ * resources. Consequently, to avoid errors, the child process may only
++ * execute async-signal-safe operations until such time as one of the exec
++ * functions is called."
++ *
++ * opendir and readir are not async-signal-safe and can deadlock when
++ * called after fork or vfork (and before exec) so use closefrom syscall
++ * which is safe to call after forking.
++ */
++int
++closeDescriptors(void)
++{
++    int err;
++    RESTARTABLE(closefrom(FAIL_FILENO + 1), err);
++    return err;
++}
++#else
++
+ #ifdef _ALLBSD_SOURCE
+ #define FD_DIR "/dev/fd"
+ #define dirent64 dirent
+@@ -113,6 +135,7 @@ closeDescriptors(void)
+
+     return 1;
+ }
++#endif /* __OpenBSD__ */
+
+ int
+ moveDescriptor(int fd_from, int fd_to)
Index: 11/Makefile
===================================================================
RCS file: /cvs/ports/devel/jdk/11/Makefile,v
retrieving revision 1.4
diff -u -p -u -r1.4 Makefile
--- 11/Makefile 17 May 2019 16:45:25 -0000 1.4
+++ 11/Makefile 22 May 2019 19:56:07 -0000
@@ -7,7 +7,7 @@ DPB_PROPERTIES= parallel
 COMMENT= OpenJDK Software Development Kit v${VERSION_STR}
 BASE_VER= 11.0.3
 PATCH_VER= 7
-BSD_PORT_REL= 1
+BSD_PORT_REL= 2
 VERSION_STR= ${BASE_VER}+${PATCH_VER}-${BSD_PORT_REL}
 PACKAGE_VER= ${BASE_VER}.${PATCH_VER}.${BSD_PORT_REL}
 PKGNAME= jdk-${PACKAGE_VER}
Index: 11/distinfo
===================================================================
RCS file: /cvs/ports/devel/jdk/11/distinfo,v
retrieving revision 1.2
diff -u -p -u -r1.2 distinfo
--- 11/distinfo 18 Apr 2019 18:06:17 -0000 1.2
+++ 11/distinfo 22 May 2019 19:56:07 -0000
@@ -1,6 +1,6 @@
-SHA256 (jdk/jdk-11.0.3+7-1.tar.gz) = GnX0U8XoGcI5nYAqly+epsKWII2P4LgQ2tiQZ+Y3QZw=
+SHA256 (jdk/jdk-11.0.3+7-2.tar.gz) = Bc4AAjPui2NcBV3nfdmfRqVRRPZcnEnTyej+y3if/dE=
 SHA256 (jdk/openjdk-jdk11u-bootjdk-amd64-20190325.tar.gz) = uADjYEnch2TUXtDpWe9rAfgLXR7NvqOKsOrdpKH4qNY=
 SHA256 (jdk/openjdk-jdk11u-bootjdk-i386-20190325.tar.gz) = nI7/p0nVpFbiD01gpCl5QSfjtOeI/41PumOKfK/HeOA=
-SIZE (jdk/jdk-11.0.3+7-1.tar.gz) = 116791459
+SIZE (jdk/jdk-11.0.3+7-2.tar.gz) = 116808765
 SIZE (jdk/openjdk-jdk11u-bootjdk-amd64-20190325.tar.gz) = 113818989
 SIZE (jdk/openjdk-jdk11u-bootjdk-i386-20190325.tar.gz) = 101841640
Index: 11/patches/patch-src_java_base_unix_native_libjava_childproc_c
===================================================================
RCS file: 11/patches/patch-src_java_base_unix_native_libjava_childproc_c
diff -N 11/patches/patch-src_java_base_unix_native_libjava_childproc_c
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ 11/patches/patch-src_java_base_unix_native_libjava_childproc_c 22 May 2019 19:56:07 -0000
@@ -0,0 +1,42 @@
+$OpenBSD$
+
+Index: src/java.base/unix/native/libjava/childproc.c
+--- src/java.base/unix/native/libjava/childproc.c.orig
++++ src/java.base/unix/native/libjava/childproc.c
+@@ -62,6 +62,28 @@ isAsciiDigit(char c)
+   return c >= '0' && c <= '9';
+ }
+
++#if defined(__OpenBSD__)
++/*
++ * Quoting POSIX: "If a multi-threaded process calls fork(), the new
++ * process shall contain a replica of the calling thread and its entire
++ * address space, possibly including the states of mutexes and other
++ * resources. Consequently, to avoid errors, the child process may only
++ * execute async-signal-safe operations until such time as one of the exec
++ * functions is called."
++ *
++ * opendir and readir are not async-signal-safe and can deadlock when
++ * called after fork or vfork (and before exec) so use closefrom syscall
++ * which is safe to call after forking.
++ */
++int
++closeDescriptors(void)
++{
++    int err;
++    RESTARTABLE(closefrom(FAIL_FILENO + 1), err);
++    return err;
++}
++#else
++
+ #if defined(_AIX)
+   /* AIX does not understand '/proc/self' - it requires the real process ID */
+   #define FD_DIR aix_fd_dir
+@@ -116,6 +138,7 @@ closeDescriptors(void)
+
+     return 1;
+ }
++#endif /* __OpenBSD__ */
+
+ int
+ moveDescriptor(int fd_from, int fd_to)
Index: 11/patches/patch-src_jdk_net_bsd_native_libextnet_BsdSocketOptions_c
===================================================================
RCS file: 11/patches/patch-src_jdk_net_bsd_native_libextnet_BsdSocketOptions_c
diff -N 11/patches/patch-src_jdk_net_bsd_native_libextnet_BsdSocketOptions_c
--- 11/patches/patch-src_jdk_net_bsd_native_libextnet_BsdSocketOptions_c 18 Apr 2019 18:06:17 -0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,38 +0,0 @@
-$OpenBSD: patch-src_jdk_net_bsd_native_libextnet_BsdSocketOptions_c,v 1.1 2019/04/18 18:06:17 kurt Exp $
-
-Index: src/jdk.net/bsd/native/libextnet/BsdSocketOptions.c
---- src/jdk.net/bsd/native/libextnet/BsdSocketOptions.c.orig
-+++ src/jdk.net/bsd/native/libextnet/BsdSocketOptions.c
-@@ -68,7 +68,7 @@ static void handleError(JNIEnv *env, jint rv, const ch
- JNIEXPORT jboolean JNICALL Java_jdk_net_BsdSocketOptions_keepAliveOptionsSupported0
- (JNIEnv *env, jobject unused) {
- #ifdef __OpenBSD__
--    return false;
-+    return JNI_FALSE;
- #else
-     return socketOptionSupported(TCP_KEEPIDLE) && socketOptionSupported(TCP_KEEPCNT)
-             && socketOptionSupported(TCP_KEEPINTVL);
-@@ -133,6 +133,7 @@ JNIEXPORT jint JNICALL Java_jdk_net_BsdSocketOptions_g
- #ifdef __OpenBSD__
-     JNU_ThrowByName(env, "java/lang/UnsupportedOperationException",
-                     "unsupported socket option");
-+    return -1;
- #else
-     jint optval, rv;
-     socklen_t sz = sizeof (optval);
-@@ -152,6 +153,7 @@ JNIEXPORT jint JNICALL Java_jdk_net_BsdSocketOptions_g
- #ifdef __OpenBSD__
-     JNU_ThrowByName(env, "java/lang/UnsupportedOperationException",
-                     "unsupported socket option");
-+    return -1;
- #else
-     jint optval, rv;
-     socklen_t sz = sizeof (optval);
-@@ -171,6 +173,7 @@ JNIEXPORT jint JNICALL Java_jdk_net_BsdSocketOptions_g
- #ifdef __OpenBSD__
-     JNU_ThrowByName(env, "java/lang/UnsupportedOperationException",
-                     "unsupported socket option");
-+    return -1;
- #else
-     jint optval, rv;
-     socklen_t sz = sizeof (optval);